2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
25 /* Bluetooth HCI event handling. */
27 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
41 #include <asm/system.h>
42 #include <asm/uaccess.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
48 #ifndef CONFIG_BT_HCI_CORE_DEBUG
53 /* Handle HCI Event packets */
55 /* Command Complete OGF LINK_CTL */
/* Command Complete handler for the LINK_CTL opcode group.
 *
 * hdev: controller the event arrived on.
 * ocf:  opcode command field of the completed command.
 * skb:  event buffer; skb->data is read as the return parameters.
 *
 * NOTE(review): this listing has lost lines (braces, conditionals and
 * some statements), so the control flow between the visible statements
 * below cannot be confirmed from this page. */
56 static void hci_cc_link_ctl(struct hci_dev
*hdev
, __u16 ocf
, struct sk_buff
*skb
)
59 struct hci_conn
*pend
;
61 BT_DBG("%s ocf 0x%x", hdev
->name
, ocf
);
64 case OCF_INQUIRY_CANCEL
:
65 case OCF_EXIT_PERIODIC_INQ
:
/* The first byte of the return parameters is taken as the status.
 * NOTE(review): no check of skb->len is visible before this
 * dereference; confirm the caller guarantees at least one byte. */
66 status
= *((__u8
*) skb
->data
);
69 BT_DBG("%s Inquiry cancel error: status 0x%x", hdev
->name
, status
);
/* Inquiry is over: drop the HCI_INQUIRY flag and complete the request. */
71 clear_bit(HCI_INQUIRY
, &hdev
->flags
);
72 hci_req_complete(hdev
, status
);
/* Look for an ACL connection in BT_CONNECT2 state and start it. */
77 pend
= hci_conn_hash_lookup_state(hdev
, ACL_LINK
, BT_CONNECT2
);
/* NOTE(review): pend is a lookup result; a NULL check is not visible in
 * this listing, so confirm one guards this call. */
79 hci_acl_connect(pend
);
86 BT_DBG("%s Command complete: ogf LINK_CTL ocf %x", hdev
->name
, ocf
);
91 /* Command Complete OGF LINK_POLICY */
92 static void hci_cc_link_policy(struct hci_dev
*hdev
, __u16 ocf
, struct sk_buff
*skb
)
94 struct hci_conn
*conn
;
95 struct hci_rp_role_discovery
*rd
;
96 struct hci_rp_write_link_policy
*lp
;
99 BT_DBG("%s ocf 0x%x", hdev
->name
, ocf
);
102 case OCF_ROLE_DISCOVERY
:
103 rd
= (void *) skb
->data
;
110 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(rd
->handle
));
113 conn
->link_mode
&= ~HCI_LM_MASTER
;
115 conn
->link_mode
|= HCI_LM_MASTER
;
118 hci_dev_unlock(hdev
);
121 case OCF_WRITE_LINK_POLICY
:
122 sent
= hci_sent_cmd_data(hdev
, OGF_LINK_POLICY
, OCF_WRITE_LINK_POLICY
);
126 lp
= (struct hci_rp_write_link_policy
*) skb
->data
;
133 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(lp
->handle
));
135 __le16 policy
= get_unaligned((__le16
*) (sent
+ 2));
136 conn
->link_policy
= __le16_to_cpu(policy
);
139 hci_dev_unlock(hdev
);
143 BT_DBG("%s: Command complete: ogf LINK_POLICY ocf %x",
149 /* Command Complete OGF HOST_CTL */
150 static void hci_cc_host_ctl(struct hci_dev
*hdev
, __u16 ocf
, struct sk_buff
*skb
)
154 struct hci_rp_read_voice_setting
*vs
;
157 BT_DBG("%s ocf 0x%x", hdev
->name
, ocf
);
161 status
= *((__u8
*) skb
->data
);
162 hci_req_complete(hdev
, status
);
165 case OCF_SET_EVENT_FLT
:
166 status
= *((__u8
*) skb
->data
);
168 BT_DBG("%s SET_EVENT_FLT failed %d", hdev
->name
, status
);
170 BT_DBG("%s SET_EVENT_FLT succeseful", hdev
->name
);
174 case OCF_WRITE_AUTH_ENABLE
:
175 sent
= hci_sent_cmd_data(hdev
, OGF_HOST_CTL
, OCF_WRITE_AUTH_ENABLE
);
179 status
= *((__u8
*) skb
->data
);
180 param
= *((__u8
*) sent
);
183 if (param
== AUTH_ENABLED
)
184 set_bit(HCI_AUTH
, &hdev
->flags
);
186 clear_bit(HCI_AUTH
, &hdev
->flags
);
188 hci_req_complete(hdev
, status
);
191 case OCF_WRITE_ENCRYPT_MODE
:
192 sent
= hci_sent_cmd_data(hdev
, OGF_HOST_CTL
, OCF_WRITE_ENCRYPT_MODE
);
196 status
= *((__u8
*) skb
->data
);
197 param
= *((__u8
*) sent
);
201 set_bit(HCI_ENCRYPT
, &hdev
->flags
);
203 clear_bit(HCI_ENCRYPT
, &hdev
->flags
);
205 hci_req_complete(hdev
, status
);
208 case OCF_WRITE_CA_TIMEOUT
:
209 status
= *((__u8
*) skb
->data
);
211 BT_DBG("%s OCF_WRITE_CA_TIMEOUT failed %d", hdev
->name
, status
);
213 BT_DBG("%s OCF_WRITE_CA_TIMEOUT succeseful", hdev
->name
);
217 case OCF_WRITE_PG_TIMEOUT
:
218 status
= *((__u8
*) skb
->data
);
220 BT_DBG("%s OCF_WRITE_PG_TIMEOUT failed %d", hdev
->name
, status
);
222 BT_DBG("%s: OCF_WRITE_PG_TIMEOUT succeseful", hdev
->name
);
226 case OCF_WRITE_SCAN_ENABLE
:
227 sent
= hci_sent_cmd_data(hdev
, OGF_HOST_CTL
, OCF_WRITE_SCAN_ENABLE
);
231 status
= *((__u8
*) skb
->data
);
232 param
= *((__u8
*) sent
);
234 BT_DBG("param 0x%x", param
);
237 clear_bit(HCI_PSCAN
, &hdev
->flags
);
238 clear_bit(HCI_ISCAN
, &hdev
->flags
);
239 if (param
& SCAN_INQUIRY
)
240 set_bit(HCI_ISCAN
, &hdev
->flags
);
242 if (param
& SCAN_PAGE
)
243 set_bit(HCI_PSCAN
, &hdev
->flags
);
245 hci_req_complete(hdev
, status
);
248 case OCF_READ_VOICE_SETTING
:
249 vs
= (struct hci_rp_read_voice_setting
*) skb
->data
;
252 BT_DBG("%s READ_VOICE_SETTING failed %d", hdev
->name
, vs
->status
);
256 setting
= __le16_to_cpu(vs
->voice_setting
);
258 if (hdev
->voice_setting
!= setting
) {
259 hdev
->voice_setting
= setting
;
261 BT_DBG("%s: voice setting 0x%04x", hdev
->name
, setting
);
264 tasklet_disable(&hdev
->tx_task
);
265 hdev
->notify(hdev
, HCI_NOTIFY_VOICE_SETTING
);
266 tasklet_enable(&hdev
->tx_task
);
271 case OCF_WRITE_VOICE_SETTING
:
272 sent
= hci_sent_cmd_data(hdev
, OGF_HOST_CTL
, OCF_WRITE_VOICE_SETTING
);
276 status
= *((__u8
*) skb
->data
);
277 setting
= __le16_to_cpu(get_unaligned((__le16
*) sent
));
279 if (!status
&& hdev
->voice_setting
!= setting
) {
280 hdev
->voice_setting
= setting
;
282 BT_DBG("%s: voice setting 0x%04x", hdev
->name
, setting
);
285 tasklet_disable(&hdev
->tx_task
);
286 hdev
->notify(hdev
, HCI_NOTIFY_VOICE_SETTING
);
287 tasklet_enable(&hdev
->tx_task
);
290 hci_req_complete(hdev
, status
);
293 case OCF_HOST_BUFFER_SIZE
:
294 status
= *((__u8
*) skb
->data
);
296 BT_DBG("%s OCF_BUFFER_SIZE failed %d", hdev
->name
, status
);
297 hci_req_complete(hdev
, status
);
302 BT_DBG("%s Command complete: ogf HOST_CTL ocf %x", hdev
->name
, ocf
);
307 /* Command Complete OGF INFO_PARAM */
/* Command Complete handler for the INFO_PARAM opcode group.
 *
 * Each arm casts skb->data to the reply structure of the completed
 * command and copies controller-reported values into hdev.
 *
 * NOTE(review): none of the casts below is preceded by a visible check
 * that skb->len covers the reply structure. This listing has lost lines,
 * so confirm against the full file whether the length is validated. */
308 static void hci_cc_info_param(struct hci_dev
*hdev
, __u16 ocf
, struct sk_buff
*skb
)
310 struct hci_rp_read_loc_version
*lv
;
311 struct hci_rp_read_local_features
*lf
;
312 struct hci_rp_read_buffer_size
*bs
;
313 struct hci_rp_read_bd_addr
*ba
;
315 BT_DBG("%s ocf 0x%x", hdev
->name
, ocf
);
318 case OCF_READ_LOCAL_VERSION
:
319 lv
= (struct hci_rp_read_loc_version
*) skb
->data
;
/* NOTE(review): this arm has only assigned lv, yet the message prints
 * lf->status. lf is declared without an initializer and is first
 * assigned in the READ_LOCAL_FEATURES arm, so this reads through an
 * unset pointer whenever BT_DBG evaluates its arguments; lv->status
 * looks intended. */
322 BT_DBG("%s READ_LOCAL_VERSION failed %d", hdev
->name
, lf
->status
);
/* Record the controller's HCI version, revision and manufacturer id. */
326 hdev
->hci_ver
= lv
->hci_ver
;
327 hdev
->hci_rev
= btohs(lv
->hci_rev
);
328 hdev
->manufacturer
= btohs(lv
->manufacturer
);
330 BT_DBG("%s: manufacturer %d hci_ver %d hci_rev %d", hdev
->name
,
331 hdev
->manufacturer
, hdev
->hci_ver
, hdev
->hci_rev
);
335 case OCF_READ_LOCAL_FEATURES
:
336 lf
= (struct hci_rp_read_local_features
*) skb
->data
;
339 BT_DBG("%s READ_LOCAL_FEATURES failed %d", hdev
->name
, lf
->status
);
/* Copy size is bounded by the destination (sizeof(hdev->features)). */
343 memcpy(hdev
->features
, lf
->features
, sizeof(hdev
->features
));
345 /* Adjust default settings according to features
346 * supported by device. */
347 if (hdev
->features
[0] & LMP_3SLOT
)
348 hdev
->pkt_type
|= (HCI_DM3
| HCI_DH3
);
350 if (hdev
->features
[0] & LMP_5SLOT
)
351 hdev
->pkt_type
|= (HCI_DM5
| HCI_DH5
);
353 if (hdev
->features
[1] & LMP_HV2
) {
354 hdev
->pkt_type
|= (HCI_HV2
);
355 hdev
->esco_type
|= (ESCO_HV2
);
358 if (hdev
->features
[1] & LMP_HV3
) {
359 hdev
->pkt_type
|= (HCI_HV3
);
360 hdev
->esco_type
|= (ESCO_HV3
);
363 if (hdev
->features
[3] & LMP_ESCO
)
364 hdev
->esco_type
|= (ESCO_EV3
);
366 if (hdev
->features
[4] & LMP_EV4
)
367 hdev
->esco_type
|= (ESCO_EV4
);
369 if (hdev
->features
[4] & LMP_EV5
)
370 hdev
->esco_type
|= (ESCO_EV5
);
372 BT_DBG("%s: features 0x%x 0x%x 0x%x", hdev
->name
,
373 lf
->features
[0], lf
->features
[1], lf
->features
[2]);
377 case OCF_READ_BUFFER_SIZE
:
378 bs
= (struct hci_rp_read_buffer_size
*) skb
->data
;
381 BT_DBG("%s READ_BUFFER_SIZE failed %d", hdev
->name
, bs
->status
);
382 hci_req_complete(hdev
, bs
->status
);
/* MTUs and packet budgets are taken directly from the controller reply. */
386 hdev
->acl_mtu
= __le16_to_cpu(bs
->acl_mtu
);
387 hdev
->sco_mtu
= bs
->sco_mtu
;
388 hdev
->acl_pkts
= __le16_to_cpu(bs
->acl_max_pkt
);
389 hdev
->sco_pkts
= __le16_to_cpu(bs
->sco_max_pkt
);
/* The body of this quirk branch is not visible in this listing. */
391 if (test_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE
, &hdev
->quirks
)) {
/* Start with the full packet budget available for both link types. */
396 hdev
->acl_cnt
= hdev
->acl_pkts
;
397 hdev
->sco_cnt
= hdev
->sco_pkts
;
399 BT_DBG("%s mtu: acl %d, sco %d max_pkt: acl %d, sco %d", hdev
->name
,
400 hdev
->acl_mtu
, hdev
->sco_mtu
, hdev
->acl_pkts
, hdev
->sco_pkts
);
403 case OCF_READ_BD_ADDR
:
404 ba
= (struct hci_rp_read_bd_addr
*) skb
->data
;
/* Store the controller's own address in hdev. */
407 bacpy(&hdev
->bdaddr
, &ba
->bdaddr
);
409 BT_DBG("%s: READ_BD_ADDR failed %d", hdev
->name
, ba
->status
);
412 hci_req_complete(hdev
, ba
->status
);
416 BT_DBG("%s Command complete: ogf INFO_PARAM ocf %x", hdev
->name
, ocf
);
421 /* Command Status OGF LINK_CTL */
422 static inline void hci_cs_create_conn(struct hci_dev
*hdev
, __u8 status
)
424 struct hci_conn
*conn
;
425 struct hci_cp_create_conn
*cp
= hci_sent_cmd_data(hdev
, OGF_LINK_CTL
, OCF_CREATE_CONN
);
432 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &cp
->bdaddr
);
434 BT_DBG("%s status 0x%x bdaddr %s conn %p", hdev
->name
,
435 status
, batostr(&cp
->bdaddr
), conn
);
438 if (conn
&& conn
->state
== BT_CONNECT
) {
439 if (status
!= 0x0c || conn
->attempt
> 2) {
440 conn
->state
= BT_CLOSED
;
441 hci_proto_connect_cfm(conn
, status
);
444 conn
->state
= BT_CONNECT2
;
448 conn
= hci_conn_add(hdev
, ACL_LINK
, &cp
->bdaddr
);
451 conn
->link_mode
|= HCI_LM_MASTER
;
453 BT_ERR("No memmory for new connection");
457 hci_dev_unlock(hdev
);
460 static void hci_cs_link_ctl(struct hci_dev
*hdev
, __u16 ocf
, __u8 status
)
462 BT_DBG("%s ocf 0x%x", hdev
->name
, ocf
);
465 case OCF_CREATE_CONN
:
466 hci_cs_create_conn(hdev
, status
);
471 struct hci_conn
*acl
, *sco
;
472 struct hci_cp_add_sco
*cp
= hci_sent_cmd_data(hdev
, OGF_LINK_CTL
, OCF_ADD_SCO
);
478 handle
= __le16_to_cpu(cp
->handle
);
480 BT_DBG("%s Add SCO error: handle %d status 0x%x", hdev
->name
, handle
, status
);
484 acl
= hci_conn_hash_lookup_handle(hdev
, handle
);
485 if (acl
&& (sco
= acl
->link
)) {
486 sco
->state
= BT_CLOSED
;
488 hci_proto_connect_cfm(sco
, status
);
492 hci_dev_unlock(hdev
);
498 BT_DBG("%s Inquiry error: status 0x%x", hdev
->name
, status
);
499 hci_req_complete(hdev
, status
);
501 set_bit(HCI_INQUIRY
, &hdev
->flags
);
506 BT_DBG("%s Command status: ogf LINK_CTL ocf %x status %d",
507 hdev
->name
, ocf
, status
);
512 /* Command Status OGF LINK_POLICY */
513 static void hci_cs_link_policy(struct hci_dev
*hdev
, __u16 ocf
, __u8 status
)
515 BT_DBG("%s ocf 0x%x", hdev
->name
, ocf
);
520 struct hci_conn
*conn
;
521 struct hci_cp_sniff_mode
*cp
= hci_sent_cmd_data(hdev
, OGF_LINK_POLICY
, OCF_SNIFF_MODE
);
528 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(cp
->handle
));
530 clear_bit(HCI_CONN_MODE_CHANGE_PEND
, &conn
->pend
);
533 hci_dev_unlock(hdev
);
537 case OCF_EXIT_SNIFF_MODE
:
539 struct hci_conn
*conn
;
540 struct hci_cp_exit_sniff_mode
*cp
= hci_sent_cmd_data(hdev
, OGF_LINK_POLICY
, OCF_EXIT_SNIFF_MODE
);
547 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(cp
->handle
));
549 clear_bit(HCI_CONN_MODE_CHANGE_PEND
, &conn
->pend
);
552 hci_dev_unlock(hdev
);
557 BT_DBG("%s Command status: ogf LINK_POLICY ocf %x", hdev
->name
, ocf
);
562 /* Command Status OGF HOST_CTL */
563 static void hci_cs_host_ctl(struct hci_dev
*hdev
, __u16 ocf
, __u8 status
)
565 BT_DBG("%s ocf 0x%x", hdev
->name
, ocf
);
569 BT_DBG("%s Command status: ogf HOST_CTL ocf %x", hdev
->name
, ocf
);
574 /* Command Status OGF INFO_PARAM */
575 static void hci_cs_info_param(struct hci_dev
*hdev
, __u16 ocf
, __u8 status
)
577 BT_DBG("%s: hci_cs_info_param: ocf 0x%x", hdev
->name
, ocf
);
581 BT_DBG("%s Command status: ogf INFO_PARAM ocf %x", hdev
->name
, ocf
);
586 /* Inquiry Complete */
587 static inline void hci_inquiry_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
589 __u8 status
= *((__u8
*) skb
->data
);
590 struct hci_conn
*pend
;
592 BT_DBG("%s status %d", hdev
->name
, status
);
594 clear_bit(HCI_INQUIRY
, &hdev
->flags
);
595 hci_req_complete(hdev
, status
);
599 pend
= hci_conn_hash_lookup_state(hdev
, ACL_LINK
, BT_CONNECT2
);
601 hci_acl_connect(pend
);
603 hci_dev_unlock(hdev
);
/* Inquiry Result event: feed each reported device into the inquiry cache.
 *
 * The first byte of the event is the response count; the inquiry_info
 * records are read starting at skb->data + 1.
 *
 * NOTE(review): num_rsp comes from the event itself and drives the loop
 * below. No comparison of num_rsp * sizeof(struct inquiry_info) against
 * skb->len is visible here, so a count larger than the buffer holds
 * would be read past the end of the event data. This listing has lost
 * lines (including the per-iteration pointer advance), so confirm
 * against the full file. */
607 static inline void hci_inquiry_result_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
609 struct inquiry_data data
;
610 struct inquiry_info
*info
= (struct inquiry_info
*) (skb
->data
+ 1);
611 int num_rsp
= *((__u8
*) skb
->data
);
613 BT_DBG("%s num_rsp %d", hdev
->name
, num_rsp
);
/* One cache update per reported response. */
620 for (; num_rsp
; num_rsp
--) {
621 bacpy(&data
.bdaddr
, &info
->bdaddr
);
622 data
.pscan_rep_mode
= info
->pscan_rep_mode
;
623 data
.pscan_period_mode
= info
->pscan_period_mode
;
624 data
.pscan_mode
= info
->pscan_mode
;
625 memcpy(data
.dev_class
, info
->dev_class
, 3);
626 data
.clock_offset
= info
->clock_offset
;
629 hci_inquiry_cache_update(hdev
, &data
);
632 hci_dev_unlock(hdev
);
635 /* Inquiry Result With RSSI */
/* Inquiry Result With RSSI event: feed each reported device, including
 * its RSSI, into the inquiry cache.
 *
 * Two record layouts are handled. The per-response size, computed as
 * (skb->len - 1) / num_rsp, selects between
 * inquiry_info_with_rssi_and_pscan_mode and inquiry_info_with_rssi.
 *
 * NOTE(review): num_rsp comes from the first byte of the event. It is
 * used as a divisor and as the loop count; a guard against zero and a
 * check that the records fit in skb->len are not visible in this
 * listing, which has lost lines. Confirm both against the full file. */
636 static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
638 struct inquiry_data data
;
639 int num_rsp
= *((__u8
*) skb
->data
);
641 BT_DBG("%s num_rsp %d", hdev
->name
, num_rsp
);
/* Record size differs from the plain RSSI layout: use the layout that
 * also carries pscan_mode. */
648 if ((skb
->len
- 1) / num_rsp
!= sizeof(struct inquiry_info_with_rssi
)) {
649 struct inquiry_info_with_rssi_and_pscan_mode
*info
=
650 (struct inquiry_info_with_rssi_and_pscan_mode
*) (skb
->data
+ 1);
652 for (; num_rsp
; num_rsp
--) {
653 bacpy(&data
.bdaddr
, &info
->bdaddr
);
654 data
.pscan_rep_mode
= info
->pscan_rep_mode
;
655 data
.pscan_period_mode
= info
->pscan_period_mode
;
656 data
.pscan_mode
= info
->pscan_mode
;
657 memcpy(data
.dev_class
, info
->dev_class
, 3);
658 data
.clock_offset
= info
->clock_offset
;
659 data
.rssi
= info
->rssi
;
661 hci_inquiry_cache_update(hdev
, &data
);
/* Plain RSSI layout (presumably the else branch; the line is not
 * visible here): pscan_mode is stored as 0x00. */
664 struct inquiry_info_with_rssi
*info
=
665 (struct inquiry_info_with_rssi
*) (skb
->data
+ 1);
667 for (; num_rsp
; num_rsp
--) {
668 bacpy(&data
.bdaddr
, &info
->bdaddr
);
669 data
.pscan_rep_mode
= info
->pscan_rep_mode
;
670 data
.pscan_period_mode
= info
->pscan_period_mode
;
671 data
.pscan_mode
= 0x00;
672 memcpy(data
.dev_class
, info
->dev_class
, 3);
673 data
.clock_offset
= info
->clock_offset
;
674 data
.rssi
= info
->rssi
;
676 hci_inquiry_cache_update(hdev
, &data
);
680 hci_dev_unlock(hdev
);
683 /* Extended Inquiry Result */
684 static inline void hci_extended_inquiry_result_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
686 struct inquiry_data data
;
687 struct extended_inquiry_info
*info
= (struct extended_inquiry_info
*) (skb
->data
+ 1);
688 int num_rsp
= *((__u8
*) skb
->data
);
690 BT_DBG("%s num_rsp %d", hdev
->name
, num_rsp
);
697 for (; num_rsp
; num_rsp
--) {
698 bacpy(&data
.bdaddr
, &info
->bdaddr
);
699 data
.pscan_rep_mode
= info
->pscan_rep_mode
;
700 data
.pscan_period_mode
= info
->pscan_period_mode
;
701 data
.pscan_mode
= 0x00;
702 memcpy(data
.dev_class
, info
->dev_class
, 3);
703 data
.clock_offset
= info
->clock_offset
;
704 data
.rssi
= info
->rssi
;
706 hci_inquiry_cache_update(hdev
, &data
);
709 hci_dev_unlock(hdev
);
712 /* Connect Request */
713 static inline void hci_conn_request_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
715 struct hci_ev_conn_request
*ev
= (struct hci_ev_conn_request
*) skb
->data
;
716 int mask
= hdev
->link_mode
;
718 BT_DBG("%s Connection request: %s type 0x%x", hdev
->name
,
719 batostr(&ev
->bdaddr
), ev
->link_type
);
721 mask
|= hci_proto_connect_ind(hdev
, &ev
->bdaddr
, ev
->link_type
);
723 if (mask
& HCI_LM_ACCEPT
) {
724 /* Connection accepted */
725 struct hci_conn
*conn
;
726 struct hci_cp_accept_conn_req cp
;
729 conn
= hci_conn_hash_lookup_ba(hdev
, ev
->link_type
, &ev
->bdaddr
);
731 if (!(conn
= hci_conn_add(hdev
, ev
->link_type
, &ev
->bdaddr
))) {
732 BT_ERR("No memmory for new connection");
733 hci_dev_unlock(hdev
);
737 memcpy(conn
->dev_class
, ev
->dev_class
, 3);
738 conn
->state
= BT_CONNECT
;
739 hci_dev_unlock(hdev
);
741 bacpy(&cp
.bdaddr
, &ev
->bdaddr
);
743 if (lmp_rswitch_capable(hdev
) && (mask
& HCI_LM_MASTER
))
744 cp
.role
= 0x00; /* Become master */
746 cp
.role
= 0x01; /* Remain slave */
748 hci_send_cmd(hdev
, OGF_LINK_CTL
,
749 OCF_ACCEPT_CONN_REQ
, sizeof(cp
), &cp
);
751 /* Connection rejected */
752 struct hci_cp_reject_conn_req cp
;
754 bacpy(&cp
.bdaddr
, &ev
->bdaddr
);
756 hci_send_cmd(hdev
, OGF_LINK_CTL
,
757 OCF_REJECT_CONN_REQ
, sizeof(cp
), &cp
);
761 /* Connect Complete */
762 static inline void hci_conn_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
764 struct hci_ev_conn_complete
*ev
= (struct hci_ev_conn_complete
*) skb
->data
;
765 struct hci_conn
*conn
, *pend
;
767 BT_DBG("%s", hdev
->name
);
771 conn
= hci_conn_hash_lookup_ba(hdev
, ev
->link_type
, &ev
->bdaddr
);
773 hci_dev_unlock(hdev
);
778 conn
->handle
= __le16_to_cpu(ev
->handle
);
779 conn
->state
= BT_CONNECTED
;
781 if (test_bit(HCI_AUTH
, &hdev
->flags
))
782 conn
->link_mode
|= HCI_LM_AUTH
;
784 if (test_bit(HCI_ENCRYPT
, &hdev
->flags
))
785 conn
->link_mode
|= HCI_LM_ENCRYPT
;
787 /* Get remote features */
788 if (conn
->type
== ACL_LINK
) {
789 struct hci_cp_read_remote_features cp
;
790 cp
.handle
= ev
->handle
;
791 hci_send_cmd(hdev
, OGF_LINK_CTL
,
792 OCF_READ_REMOTE_FEATURES
, sizeof(cp
), &cp
);
795 /* Set link policy */
796 if (conn
->type
== ACL_LINK
&& hdev
->link_policy
) {
797 struct hci_cp_write_link_policy cp
;
798 cp
.handle
= ev
->handle
;
799 cp
.policy
= cpu_to_le16(hdev
->link_policy
);
800 hci_send_cmd(hdev
, OGF_LINK_POLICY
,
801 OCF_WRITE_LINK_POLICY
, sizeof(cp
), &cp
);
804 /* Set packet type for incoming connection */
806 struct hci_cp_change_conn_ptype cp
;
807 cp
.handle
= ev
->handle
;
808 cp
.pkt_type
= (conn
->type
== ACL_LINK
) ?
809 cpu_to_le16(hdev
->pkt_type
& ACL_PTYPE_MASK
):
810 cpu_to_le16(hdev
->pkt_type
& SCO_PTYPE_MASK
);
812 hci_send_cmd(hdev
, OGF_LINK_CTL
,
813 OCF_CHANGE_CONN_PTYPE
, sizeof(cp
), &cp
);
815 /* Update disconnect timer */
820 conn
->state
= BT_CLOSED
;
822 if (conn
->type
== ACL_LINK
) {
823 struct hci_conn
*sco
= conn
->link
;
826 hci_add_sco(sco
, conn
->handle
);
828 hci_proto_connect_cfm(sco
, ev
->status
);
834 hci_proto_connect_cfm(conn
, ev
->status
);
838 pend
= hci_conn_hash_lookup_state(hdev
, ACL_LINK
, BT_CONNECT2
);
840 hci_acl_connect(pend
);
842 hci_dev_unlock(hdev
);
845 /* Disconnect Complete */
846 static inline void hci_disconn_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
848 struct hci_ev_disconn_complete
*ev
= (struct hci_ev_disconn_complete
*) skb
->data
;
849 struct hci_conn
*conn
;
851 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
858 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
860 conn
->state
= BT_CLOSED
;
861 hci_proto_disconn_ind(conn
, ev
->reason
);
865 hci_dev_unlock(hdev
);
868 /* Number of completed packets */
/* Number Of Completed Packets event: return transmit credits to the
 * ACL and SCO packet counters.
 *
 * After the fixed header is pulled, the payload is read as num_hndl
 * pairs of little-endian 16-bit values (connection handle, completed
 * count), i.e. 4 bytes per entry. */
869 static inline void hci_num_comp_pkts_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
871 struct hci_ev_num_comp_pkts
*ev
= (struct hci_ev_num_comp_pkts
*) skb
->data
;
875 skb_pull(skb
, sizeof(*ev
));
877 BT_DBG("%s num_hndl %d", hdev
->name
, ev
->num_hndl
);
/* Length check: the remaining data must hold num_hndl 4-byte entries
 * before the loop below walks them. */
879 if (skb
->len
< ev
->num_hndl
* 4) {
880 BT_DBG("%s bad parameters", hdev
->name
);
/* The TX tasklet is disabled while the counters are updated and
 * re-enabled after the loop. */
884 tasklet_disable(&hdev
->tx_task
);
886 for (i
= 0, ptr
= (__le16
*) skb
->data
; i
< ev
->num_hndl
; i
++) {
887 struct hci_conn
*conn
;
/* get_unaligned is used because the payload is read in place. */
890 handle
= __le16_to_cpu(get_unaligned(ptr
++));
891 count
= __le16_to_cpu(get_unaligned(ptr
++));
893 conn
= hci_conn_hash_lookup_handle(hdev
, handle
);
/* NOTE(review): a NULL check on conn is not visible in this listing
 * before conn->type is read; confirm against the full file. */
/* Credits are clamped to the controller's advertised maximum, so a
 * controller-reported count cannot raise the budget above
 * acl_pkts / sco_pkts. */
897 if (conn
->type
== ACL_LINK
) {
898 if ((hdev
->acl_cnt
+= count
) > hdev
->acl_pkts
)
899 hdev
->acl_cnt
= hdev
->acl_pkts
;
901 if ((hdev
->sco_cnt
+= count
) > hdev
->sco_pkts
)
902 hdev
->sco_cnt
= hdev
->sco_pkts
;
908 tasklet_enable(&hdev
->tx_task
);
912 static inline void hci_role_change_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
914 struct hci_ev_role_change
*ev
= (struct hci_ev_role_change
*) skb
->data
;
915 struct hci_conn
*conn
;
917 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
921 conn
= hci_conn_hash_lookup_ba(hdev
, ACL_LINK
, &ev
->bdaddr
);
925 conn
->link_mode
&= ~HCI_LM_MASTER
;
927 conn
->link_mode
|= HCI_LM_MASTER
;
930 clear_bit(HCI_CONN_RSWITCH_PEND
, &conn
->pend
);
932 hci_role_switch_cfm(conn
, ev
->status
, ev
->role
);
935 hci_dev_unlock(hdev
);
939 static inline void hci_mode_change_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
941 struct hci_ev_mode_change
*ev
= (struct hci_ev_mode_change
*) skb
->data
;
942 struct hci_conn
*conn
;
944 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
948 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
950 conn
->mode
= ev
->mode
;
951 conn
->interval
= __le16_to_cpu(ev
->interval
);
953 if (!test_and_clear_bit(HCI_CONN_MODE_CHANGE_PEND
, &conn
->pend
)) {
954 if (conn
->mode
== HCI_CM_ACTIVE
)
955 conn
->power_save
= 1;
957 conn
->power_save
= 0;
961 hci_dev_unlock(hdev
);
964 /* Authentication Complete */
/* Authentication Complete event: update the connection's security
 * state and notify the upper layers through hci_auth_cfm().
 *
 * NOTE(review): this listing has lost the conditional lines. Which of
 * the statements below depend on ev->status, and whether conn is
 * checked for NULL after the lookup, cannot be seen here. Confirm in
 * the full file that HCI_LM_AUTH is set only when ev->status is zero. */
965 static inline void hci_auth_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
967 struct hci_ev_auth_complete
*ev
= (struct hci_ev_auth_complete
*) skb
->data
;
968 struct hci_conn
*conn
;
970 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
/* The handle comes from the event; it selects the connection to update. */
974 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
/* Mark the link as authenticated. */
977 conn
->link_mode
|= HCI_LM_AUTH
;
979 clear_bit(HCI_CONN_AUTH_PEND
, &conn
->pend
);
981 hci_auth_cfm(conn
, ev
->status
);
/* An encryption request was waiting on authentication. */
983 if (test_bit(HCI_CONN_ENCRYPT_PEND
, &conn
->pend
)) {
985 struct hci_cp_set_conn_encrypt cp
;
986 cp
.handle
= cpu_to_le16(conn
->handle
);
/* Ask the controller to change encryption on this handle. */
988 hci_send_cmd(conn
->hdev
, OGF_LINK_CTL
,
989 OCF_SET_CONN_ENCRYPT
, sizeof(cp
), &cp
);
/* Presumably the failure path (the branch line is not visible here):
 * drop the pending flag and report encryption as off (0x00). */
991 clear_bit(HCI_CONN_ENCRYPT_PEND
, &conn
->pend
);
992 hci_encrypt_cfm(conn
, ev
->status
, 0x00);
997 hci_dev_unlock(hdev
);
1000 /* Encryption Change */
/* Encryption Change event: set or clear HCI_LM_ENCRYPT on the
 * connection and notify the upper layers through hci_encrypt_cfm().
 *
 * NOTE(review): both the set and the clear of HCI_LM_ENCRYPT are
 * visible, but the conditions choosing between them (and any NULL
 * check on conn) are on lines missing from this listing. Confirm in
 * the full file that the flag follows ev->encrypt only when
 * ev->status reports success. */
1001 static inline void hci_encrypt_change_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1003 struct hci_ev_encrypt_change
*ev
= (struct hci_ev_encrypt_change
*) skb
->data
;
1004 struct hci_conn
*conn
;
1006 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
/* The handle comes from the event; it selects the connection to update. */
1010 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
1014 conn
->link_mode
|= HCI_LM_ENCRYPT
;
1016 conn
->link_mode
&= ~HCI_LM_ENCRYPT
;
1019 clear_bit(HCI_CONN_ENCRYPT_PEND
, &conn
->pend
);
/* Upper layers receive both the status and the new encryption value. */
1021 hci_encrypt_cfm(conn
, ev
->status
, ev
->encrypt
);
1024 hci_dev_unlock(hdev
);
1027 /* Change Connection Link Key Complete */
1028 static inline void hci_change_conn_link_key_complete_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1030 struct hci_ev_change_conn_link_key_complete
*ev
= (struct hci_ev_change_conn_link_key_complete
*) skb
->data
;
1031 struct hci_conn
*conn
;
1033 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
1037 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
1040 conn
->link_mode
|= HCI_LM_SECURE
;
1042 clear_bit(HCI_CONN_AUTH_PEND
, &conn
->pend
);
1044 hci_key_change_cfm(conn
, ev
->status
);
1047 hci_dev_unlock(hdev
);
1050 /* Pin Code Request*/
/* PIN Code Request event handler.
 * NOTE(review): only the signature is visible in this listing; no
 * statements follow it before the next handler, so the event appears
 * not to be acted on here. Presumably it is handled by another layer;
 * TODO confirm. */
1051 static inline void hci_pin_code_request_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1055 /* Link Key Request */
/* Link Key Request event handler.
 * NOTE(review): only the signature is visible in this listing; no
 * statements follow it before the next handler, so the event appears
 * not to be acted on here. Presumably it is handled by another layer;
 * TODO confirm. */
1056 static inline void hci_link_key_request_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1060 /* Link Key Notification */
/* Link Key Notification event handler.
 * NOTE(review): only the signature is visible in this listing; no
 * statements follow it before the next handler, so the event appears
 * not to be acted on here. Presumably it is handled by another layer;
 * TODO confirm. */
1061 static inline void hci_link_key_notify_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1065 /* Remote Features */
/* Remote Features event: cache the peer's feature mask on the
 * connection.
 *
 * NOTE(review): ev is read straight from skb->data; no check that
 * skb->len covers sizeof(*ev) is visible in this listing. */
1066 static inline void hci_remote_features_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1068 struct hci_ev_remote_features
*ev
= (struct hci_ev_remote_features
*) skb
->data
;
1069 struct hci_conn
*conn
;
1071 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
1075 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
/* Only update when the handle resolves and the event reports success;
 * the copy size is bounded by the destination array. */
1076 if (conn
&& !ev
->status
) {
1077 memcpy(conn
->features
, ev
->features
, sizeof(conn
->features
));
1080 hci_dev_unlock(hdev
);
1084 static inline void hci_clock_offset_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1086 struct hci_ev_clock_offset
*ev
= (struct hci_ev_clock_offset
*) skb
->data
;
1087 struct hci_conn
*conn
;
1089 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
1093 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
1094 if (conn
&& !ev
->status
) {
1095 struct inquiry_entry
*ie
;
1097 if ((ie
= hci_inquiry_cache_lookup(hdev
, &conn
->dst
))) {
1098 ie
->data
.clock_offset
= ev
->clock_offset
;
1099 ie
->timestamp
= jiffies
;
1103 hci_dev_unlock(hdev
);
1106 /* Page Scan Repetition Mode */
1107 static inline void hci_pscan_rep_mode_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1109 struct hci_ev_pscan_rep_mode
*ev
= (struct hci_ev_pscan_rep_mode
*) skb
->data
;
1110 struct inquiry_entry
*ie
;
1112 BT_DBG("%s", hdev
->name
);
1116 if ((ie
= hci_inquiry_cache_lookup(hdev
, &ev
->bdaddr
))) {
1117 ie
->data
.pscan_rep_mode
= ev
->pscan_rep_mode
;
1118 ie
->timestamp
= jiffies
;
1121 hci_dev_unlock(hdev
);
1125 static inline void hci_sniff_subrate_evt(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1127 struct hci_ev_sniff_subrate
*ev
= (struct hci_ev_sniff_subrate
*) skb
->data
;
1128 struct hci_conn
*conn
;
1130 BT_DBG("%s status %d", hdev
->name
, ev
->status
);
1134 conn
= hci_conn_hash_lookup_handle(hdev
, __le16_to_cpu(ev
->handle
));
1138 hci_dev_unlock(hdev
);
/* Entry point for received HCI event packets.
 *
 * Saves a pointer to the event header, pulls HCI_EVENT_HDR_SIZE bytes
 * off the front of skb, and hands the remaining parameters to the
 * handler matching hdr->evt (the case labels below). Command Status and
 * Command Complete are decoded further into OGF/OCF and routed to the
 * hci_cs_* and hci_cc_* handlers.
 *
 * NOTE(review): no check of skb->len against the header size or
 * hdr->plen is visible before the header is read and pulled; the
 * individual handlers cast skb->data to their event structures. This
 * listing has lost lines, so confirm where length validation happens. */
1141 void hci_event_packet(struct hci_dev
*hdev
, struct sk_buff
*skb
)
1143 struct hci_event_hdr
*hdr
= (struct hci_event_hdr
*) skb
->data
;
1144 struct hci_ev_cmd_complete
*ec
;
1145 struct hci_ev_cmd_status
*cs
;
1146 u16 opcode
, ocf
, ogf
;
1148 skb_pull(skb
, HCI_EVENT_HDR_SIZE
);
1150 BT_DBG("%s evt 0x%x", hdev
->name
, hdr
->evt
);
1153 case HCI_EV_NUM_COMP_PKTS
:
1154 hci_num_comp_pkts_evt(hdev
, skb
);
1157 case HCI_EV_INQUIRY_COMPLETE
:
1158 hci_inquiry_complete_evt(hdev
, skb
);
1161 case HCI_EV_INQUIRY_RESULT
:
1162 hci_inquiry_result_evt(hdev
, skb
);
1165 case HCI_EV_INQUIRY_RESULT_WITH_RSSI
:
1166 hci_inquiry_result_with_rssi_evt(hdev
, skb
);
1169 case HCI_EV_EXTENDED_INQUIRY_RESULT
:
1170 hci_extended_inquiry_result_evt(hdev
, skb
);
1173 case HCI_EV_CONN_REQUEST
:
1174 hci_conn_request_evt(hdev
, skb
);
1177 case HCI_EV_CONN_COMPLETE
:
1178 hci_conn_complete_evt(hdev
, skb
);
1181 case HCI_EV_DISCONN_COMPLETE
:
1182 hci_disconn_complete_evt(hdev
, skb
);
1185 case HCI_EV_ROLE_CHANGE
:
1186 hci_role_change_evt(hdev
, skb
);
1189 case HCI_EV_MODE_CHANGE
:
1190 hci_mode_change_evt(hdev
, skb
);
1193 case HCI_EV_AUTH_COMPLETE
:
1194 hci_auth_complete_evt(hdev
, skb
);
1197 case HCI_EV_ENCRYPT_CHANGE
:
1198 hci_encrypt_change_evt(hdev
, skb
);
1201 case HCI_EV_CHANGE_CONN_LINK_KEY_COMPLETE
:
1202 hci_change_conn_link_key_complete_evt(hdev
, skb
);
1205 case HCI_EV_PIN_CODE_REQ
:
1206 hci_pin_code_request_evt(hdev
, skb
);
1209 case HCI_EV_LINK_KEY_REQ
:
1210 hci_link_key_request_evt(hdev
, skb
);
1213 case HCI_EV_LINK_KEY_NOTIFY
:
1214 hci_link_key_notify_evt(hdev
, skb
);
1217 case HCI_EV_REMOTE_FEATURES
:
1218 hci_remote_features_evt(hdev
, skb
);
1221 case HCI_EV_CLOCK_OFFSET
:
1222 hci_clock_offset_evt(hdev
, skb
);
1225 case HCI_EV_PSCAN_REP_MODE
:
1226 hci_pscan_rep_mode_evt(hdev
, skb
);
1229 case HCI_EV_SNIFF_SUBRATE
:
1230 hci_sniff_subrate_evt(hdev
, skb
);
1233 case HCI_EV_CMD_STATUS
:
1234 cs
= (struct hci_ev_cmd_status
*) skb
->data
;
/* NOTE(review): sizeof(cs) is the size of the pointer, not of
 * struct hci_ev_cmd_status; the Command Complete arm below pulls
 * sizeof(*ec). The fields are still read through the saved cs pointer,
 * but skb->data and skb->len are advanced by the wrong amount here.
 * sizeof(*cs) looks intended. */
1235 skb_pull(skb
, sizeof(cs
));
/* Split the opcode into its group (OGF) and command (OCF) fields. */
1237 opcode
= __le16_to_cpu(cs
->opcode
);
1238 ogf
= hci_opcode_ogf(opcode
);
1239 ocf
= hci_opcode_ocf(opcode
);
1242 case OGF_INFO_PARAM
:
1243 hci_cs_info_param(hdev
, ocf
, cs
->status
);
1247 hci_cs_host_ctl(hdev
, ocf
, cs
->status
);
1251 hci_cs_link_ctl(hdev
, ocf
, cs
->status
);
1254 case OGF_LINK_POLICY
:
1255 hci_cs_link_policy(hdev
, ocf
, cs
->status
);
1259 BT_DBG("%s Command Status OGF %x", hdev
->name
, ogf
);
/* Allow one more command and kick the command queue if it has work.
 * Any condition guarding this is not visible in this listing. */
1264 atomic_set(&hdev
->cmd_cnt
, 1);
1265 if (!skb_queue_empty(&hdev
->cmd_q
))
1266 hci_sched_cmd(hdev
);
1270 case HCI_EV_CMD_COMPLETE
:
1271 ec
= (struct hci_ev_cmd_complete
*) skb
->data
;
/* Pull the Command Complete header so the hci_cc_* handlers see only
 * the return parameters at skb->data. */
1272 skb_pull(skb
, sizeof(*ec
));
1274 opcode
= __le16_to_cpu(ec
->opcode
);
1275 ogf
= hci_opcode_ogf(opcode
);
1276 ocf
= hci_opcode_ocf(opcode
);
1279 case OGF_INFO_PARAM
:
1280 hci_cc_info_param(hdev
, ocf
, skb
);
1284 hci_cc_host_ctl(hdev
, ocf
, skb
);
1288 hci_cc_link_ctl(hdev
, ocf
, skb
);
1291 case OGF_LINK_POLICY
:
1292 hci_cc_link_policy(hdev
, ocf
, skb
);
1296 BT_DBG("%s Command Completed OGF %x", hdev
->name
, ogf
);
/* Same command-credit handling as in the Command Status arm. */
1301 atomic_set(&hdev
->cmd_cnt
, 1);
1302 if (!skb_queue_empty(&hdev
->cmd_q
))
1303 hci_sched_cmd(hdev
);
/* Count the received event in the device statistics. */
1309 hdev
->stat
.evt_rx
++;
1312 /* Generate internal stack event */
/* Build a stack-internal HCI event carrying dlen bytes of data and
 * deliver it to HCI sockets via hci_send_to_sock().
 *
 * hdev: device the event is attributed to.
 * type: event type (its use is not visible in this listing).
 * dlen: number of bytes copied from data into the event payload.
 * data: payload source.
 *
 * NOTE(review): dlen is a signed int that sizes the allocation, both
 * skb_put() calls and the memcpy(). No range check on dlen and no NULL
 * check on the allocated skb are visible in this listing, which has
 * lost lines. Confirm both, and confirm that sizeof(*ev) + dlen fits
 * the width of hdr->plen. */
1313 void hci_si_event(struct hci_dev
*hdev
, int type
, int dlen
, void *data
)
1315 struct hci_event_hdr
*hdr
;
1316 struct hci_ev_stack_internal
*ev
;
1317 struct sk_buff
*skb
;
/* GFP_ATOMIC: the allocation must not sleep. */
1319 skb
= bt_skb_alloc(HCI_EVENT_HDR_SIZE
+ sizeof(*ev
) + dlen
, GFP_ATOMIC
);
/* Event header: internal event code and parameter length. */
1323 hdr
= (void *) skb_put(skb
, HCI_EVENT_HDR_SIZE
);
1324 hdr
->evt
= HCI_EV_STACK_INTERNAL
;
1325 hdr
->plen
= sizeof(*ev
) + dlen
;
/* Event body: the internal-event struct followed by the payload. */
1327 ev
= (void *) skb_put(skb
, sizeof(*ev
) + dlen
);
1329 memcpy(ev
->data
, data
, dlen
);
/* Mark the buffer as an incoming, timestamped HCI event packet. */
1331 bt_cb(skb
)->incoming
= 1;
1332 __net_timestamp(skb
);
1334 bt_cb(skb
)->pkt_type
= HCI_EVENT_PKT
;
1335 skb
->dev
= (void *) hdev
;
1336 hci_send_to_sock(hdev
, skb
);